Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
480323e25238f42906483afce0856240N.exe
-
Size
87KB
-
Sample
240803-ekjnxsxdjf
-
MD5
480323e25238f42906483afce0856240
-
SHA1
f3bba66df5618f2856342f11f9c0330f5d8ae733
-
SHA256
b82daf9afce6fdd20980035e0b7caa2d7fce3eb9f45fc3c63e8464018dc6eb2b
-
SHA512
a4f39624c584efad24ffe4331d971a446c4f9a2f447e879f13e056b9802ed42c1a988a18aa655f2890ec4a23a415077514993c24ca2695c41536fc56006d8051
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDoAd7ZppApBULcfpHLcfpyDoAvix:6pWpBwchcwDNpWpBwchcwDo
Static task
static1
Behavioral task
behavioral1
Sample
480323e25238f42906483afce0856240N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
480323e25238f42906483afce0856240N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
480323e25238f42906483afce0856240N.exe
-
Size
87KB
-
MD5
480323e25238f42906483afce0856240
-
SHA1
f3bba66df5618f2856342f11f9c0330f5d8ae733
-
SHA256
b82daf9afce6fdd20980035e0b7caa2d7fce3eb9f45fc3c63e8464018dc6eb2b
-
SHA512
a4f39624c584efad24ffe4331d971a446c4f9a2f447e879f13e056b9802ed42c1a988a18aa655f2890ec4a23a415077514993c24ca2695c41536fc56006d8051
-
SSDEEP
1536:W7ZppApBULcfpHLcfpyDoAd7ZppApBULcfpHLcfpyDoAvix:6pWpBwchcwDNpWpBwchcwDo
Score9/10-
Renames multiple (4240) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-